curious DNS behavior on a 7.0...

Steve Bertrand iaccounts at ibctech.ca
Fri Nov 2 00:19:06 PDT 2007 

>> however, right now "new" every website i browse is penalized with a 10-20 
>> second delay before the page finally starts loading.  tcpdump is full of 
>> these:

> wouldn't it be your browser requesting the IPv6 address?  you can check easy
> enough by pinging any website (which you haven't resolved yet) and see if u get
> the same calls.

Good observation.

> unless you are pointing your resolver to localhost, and  your local named is
> requesting the v6 AAAA records. Look into disabling this behaviour @ named.conf.

I don't personally believe disabling this is the right approach.

For instance, I set up a test IPv6 IP on an interface on a 100Mbps LANx
WAN fast Ethernet connection. I then added an AAAA record to a named
server. Working from another server on the same physical network (albeit
different subnet across separate interfaces), the query time for both is
exactly the same.

Note that my resolver on 'cohiba' points to 208.70.104.3.

cohiba# dig aaaa lanx-fa1.ibctech.ca

lanx-fa1.ibctech.ca.    7087    IN      AAAA    3ffe:ff00:1::1
;; Query time: 0 msec

cohiba# dig lanx-fa1.ibctech.ca

;lanx-fa1.ibctech.ca.           IN      A
;; Query time: 0 msec


...Now, performing the same test, from the same server, using the same
DNS box looking for the exact same www site that the OP stated that was
a problem originally:

# INITIAL DNS LOOKUP

cohiba# dig www.srh.noaa.gov

; <<>> DiG 9.3.2 <<>> www.srh.noaa.gov
;; ANSWER SECTION:
www.srh.noaa.gov.       86400   IN      A       216.38.80.20

;; Query time: 210 msec
;; SERVER: 208.70.104.3#53(208.70.104.3)

# SPECIFIC IPv6 LOOKUP (no answer)

cohiba# dig aaaa www.srh.noaa.gov

; <<>> DiG 9.3.2 <<>> aaaa www.srh.noaa.gov

;www.srh.noaa.gov.              IN      AAAA

;; Query time: 102 msec


CONCLUSION:

If the last poster is right and it's only the browser is failing because
it uses it's own faulty internal DNS resolver, then this is obviously a
serious hindrance to the implementation of IPv6. Of course most 'users'
aren't on the 'Internet' if their MSN page doesn't display, and will
take the path of least cost to make it work ;)

I'm not a protocol expert, but from what I can tell, a web browser DNS
resolver/cache that works this way may also have quite an impact on the
view regarding usability of any OS as IPv6 becomes more prevalent, not
just FreeBSD.

I've never noticed these problems before. Running Portable Firefox on my
Windows XP workstation, I see the IPv6 and IPv4 address of all sites I
go to, if they are v6 enabled. However, I have 16^N variables involved
that make that an unfair evaluation.

-- Does anyone else have issues in this regard? Particularly, does
anyone else have IPv6 enabled, or better yet in use that can provide any
feedback?

Steve

More information about the freebsd-questions mailing list